Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

x-stream — Vulnerabilities & Security Advisories 32

Browse all 32 CVE security advisories affecting x-stream. AI-powered Chinese analysis, POCs, and references for each vulnerability.

X-stream operates as a streaming media platform, primarily facilitating live video broadcasting and content distribution for digital creators and enterprises. Security audits have identified thirty-two distinct Common Vulnerabilities and Exposures (CVEs) associated with the software, indicating a significant historical attack surface. The most prevalent vulnerability classes include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and improper access control mechanisms that enable privilege escalation. These flaws often stem from insufficient input validation and weak authentication protocols within the application’s core architecture. While no single catastrophic data breach has been publicly attributed solely to x-stream, the high volume of disclosed CVEs suggests persistent integration and configuration errors. Users are advised to prioritize regular patching and strict network segmentation to mitigate risks associated with these known exploit vectors, ensuring that the platform’s streaming capabilities do not compromise underlying system integrity.

Top products by x-stream: xstream
CVE IDTitleCVSSSeverityPublished
CVE-2024-47072 XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream — xstreamCWE-121 7.5 High2024-11-07
CVE-2022-41966 XStream Denial of Service via stack overflow — xstreamCWE-120 8.2 High2022-12-27
CVE-2021-43859 Denial of Service by injecting highly recursive collections or maps in XStream — xstreamCWE-400 7.5 High2022-02-01
CVE-2021-39150 A Server-Side Forgery Request vulnerability in XStream via PriorityQueue unmarshaling — xstreamCWE-502 8.5 High2021-08-23
CVE-2021-39152 A Server-Side Forgery Request vulnerability in XStream via HashMap unmarshaling — xstreamCWE-502 8.5 High2021-08-23
CVE-2021-39140 XStream can cause a Denial of Service — xstreamCWE-502 6.5 Medium2021-08-23
CVE-2021-39149 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 8.5 High2021-08-23
CVE-2021-39148 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 8.5 High2021-08-23
CVE-2021-39147 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 8.5 High2021-08-23
CVE-2021-39146 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 8.5 High2021-08-23
CVE-2021-39145 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 8.5 High2021-08-23
CVE-2021-39141 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 8.5 High2021-08-23
CVE-2021-39153 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 8.5 High2021-08-23
CVE-2021-39151 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 8.5 High2021-08-23
CVE-2021-39139 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-502 8.5 High2021-08-23
CVE-2021-39154 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 8.5 High2021-08-23
CVE-2021-39144 XStream is vulnerable to a Remote Command Execution attack — xstreamCWE-94 8.5 High2021-08-23
CVE-2021-29505 XStream is vulnerable to a Remote Command Execution attack — xstreamCWE-94 7.5 High2021-05-28
CVE-2021-21348 XStream is vulnerable to an attack using Regular Expression for a Denial of Service (ReDos) — xstreamCWE-400 5.3 Medium2021-03-22
CVE-2021-21349 A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host — xstreamCWE-502 6.1 Medium2021-03-22
CVE-2021-21350 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 5.3 Medium2021-03-22
CVE-2021-21351 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 5.4 Medium2021-03-22
CVE-2021-21341 XStream can cause a Denial of Service — xstreamCWE-400 7.5 High2021-03-22
CVE-2021-21342 A Server-Side Forgery Request can be activated unmarshalling with XStream to access data streams from an arbitrary URL referencing a resource in an intranet or the local host — xstreamCWE-502 5.3 Medium2021-03-22
CVE-2021-21343 XStream is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling as long as the executing process has sufficient rights — xstreamCWE-73 5.3 Medium2021-03-22
CVE-2021-21344 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 5.3 Medium2021-03-22
CVE-2021-21345 XStream is vulnerable to a Remote Command Execution attack — xstreamCWE-94 5.8 Medium2021-03-22
CVE-2021-21346 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 6.1 Medium2021-03-22
CVE-2021-21347 XStream is vulnerable to an Arbitrary Code Execution attack — xstreamCWE-434 6.1 Medium2021-03-22
CVE-2020-26258 Server-Side Forgery Request can be activated unmarshalling with XStream — xstreamCWE-918 6.3 Medium2020-12-16

This page lists every published CVE security advisory associated with x-stream. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.